Mac Ransomware Coming

Image from

Mac Ransomware Coming: a reader asks…

I’ve been reading about ransomware and how big it’s getting. I have a 2015 Macbook Pro running MacOS Sierra and I keep it up-to-date. I don’t use any software not in the Mac App Store. Do I need to be worried or am I still safe?

While Mac users have been largely immune to computer viruses, malware and other threats, the immunity has never been 100%, and it’s starting to wear off. More and more hackers are targeting Mac users with various threats, including ransomware. Security researcher Fortinet recently discovered ransomware for Macs being offered on the Dark Web (see this article).


So the short answer is that you need to start thinking about how you use your Mac on a day-to-day basis. Do you use a standard account or an administrative account? Hint, the former is safer. Do you click on file attachments in email, click on hyperlinks in email or on websites, or open/run files downloaded from the internet? Hint, all are possible ways for ransomware to lock up your files.

Image from

It’s very possible that one day soon someone will release this or another Mac ransomware variant into the wild. Often these attacks are not very sophisticated, consisting of a spam email with a file attachment. Therefore, fairly easy to avoid. But hackers are getting better and better, using creativity to find ways around your defenses. One example would be to sneak a website ad into the ad-placing network, an ad that has a ransomware payload. Anyone clicking on the ad could find their computer’s files encrypted. Another would be to hack into and infect a popular website – anyone visiting that website could get the ransomware.

Using a standard Mac user account for your daily use will go a long way towards protecting you from such attack vectors. That’s because a standard account can’t run executable files that aren’t already registered in the Mac without asking for an administrator password. Go the rest of the way, and be very wary about providing that administrator password. Make sure you know what you’re doing when you give permission for a program or file to run.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.